[84616] in North American Network Operators' Group
Re: image stream routers
daemon@ATHENA.MIT.EDU (Deepak Jain)
Sat Sep 17 17:24:31 2005
Date: Sat, 17 Sep 2005 17:24:00 -0400
From: Deepak Jain <deepak@ai.net>
Reply-To: deepak@ai.net
To: Paul G <paul@rusko.us>
Cc: nanog@merit.edu
In-Reply-To: <076201c5bbcc$57738c40$1ba5c044@rusko>
Errors-To: owner-nanog@merit.edu
>>>It sounds to me like a software based machine can
>>>be plenty fast with good code under the hood.
>
>
>>In my experience a datacenter pumping out 1Gbps is usually doing
>>200-250kpps in that direction. Considering this a box capable of
>>around 1Mpps is "plenty fast".
>
>
> ... until you get an inbound ddos over that shiny gige at 1.44 Mpps. in
> today's world, planning for normal circumstances is woefully insufficient,
> you have to spec based on worst case numbers because you're almost
> guaranteed they will hit your network upside the head in the future.
>
Not to belabor the perennial software vs hardware router discussion,
these types of platforms can be useful in situations where you have
powerful hardware routers upstream of them to protect them. For example
if you have access customers terminating on a router like this... if you
get a DDOS from them, you simply turn off the port and notify them. If
its inbound, your border router takes care of you.
just an idea.
Deepak Jain
AiNET
